Let's face it. Microsoft might be your most critical IT asset. It includes your email, Microsoft Teams, OneDrive, SharePoint, and other cloud apps and data. It also might be your most vulnerable IT system. And most organizations do little to nothing to protect this critical IT asset.
Below are the Top 3 Threats against Microsoft 365. Let us know what other threats that you see.
Threat 1 Phishing - Phishing attacks continue to increase in volume and sophistication. And the amount of information available via social media, the Dark Web, and other sources means that cybercriminals can target their phishing attacks, making them more difficult to detect. Avoiding phishing attacks is the number 1 way to avoid ransomware and other malware. Here's how you can protect yourself.
- Upgrade to Microsoft 365 Business Premium, which includes anti-phishing functionality.
- Make sure your users are completing annual cybersecurity training and using the SLAM method to analyze emails from unknown senders before opening the emails or clicking on links.
- Purchase a comprehensive cybersecurity training solution that includes phishing simulations, Dark Web monitoring, weekly micro trainings, and Employee Secure Score.
Threat 2 Account Compromise - The threat of a cybercriminal gaining access to one or more of your Microsoft 365 user accounts is chilling. Cybercriminals could gain access through stolen credentials published on the Dark Web, or through social engineering one of your users. This could result in financial losses if the cybercriminal can convince your clients to send payments to a different account. Even more damage can be done if the cybercriminal is able to compromise a Microsoft 365 Global Administrator account. Here's how you can protect yourself.
- Implement Multi-Factor Authentication. Even if a cybercriminal manages to gain access to your credentials, they won't be able to login to your Microsoft 365 account without your additional factor (usually your cell phone). This is the number 1 thing you can do to protect your email.
- Setup monitoring for external forwarding rules. Whenever a cybercriminal gains access to a Microsoft 365 account, the first thing they do is setup a forwarding rule to forward all of your incoming and outgoing email to their email. This way they can monitor what type of email traffic you are sending and receiving and determine how to financially attack you. Setting up monitoring for external forwarding rules will notify you when these rules are created, and allow you to quick stop the cybercriminal before they do damage. Our SPOT Shield Managed Cybersecurity for IT Teams includes this functionality.
- Upgrade to Microsoft 365 Business Premium or E3 and setup Conditional Access. Conditional Access allows you to setup geofencing rules so that users can only login to their Microsoft 365 accounts from specific geographic locations. Since most cybercriminals are outside the USA, setting up Conditional Access rules to only allow login access from the USA will block attackers from outside the country.
Threat 3 Spoofing - Cybercriminals love to spoof your email domain. They will send emails as you, often right to one of your users. And of course, most of us would click on a link in an email that appears to be from one of our colleagues. Technically, these are phishing attacks, but they are more difficult to detect because they appear to be from a user inside our organization. Here's what you can do to protect yourself.
- Upgrade to Microsoft 365 Business Premium, E3, or purchase our SPOT Shield Managed Cybersecurity for IT Teams, and turn on spoofing alerting. This will show up as a notification in emails that are spoofing your domain.
While these are the top 3 threats against Microsoft 365, they are far from the only threats. If you'd like to receive a FREE Microsoft 365 Cybersecurity Assessment, schedule a complimentary meeting to discuss your Microsoft 365 needs.
Leave a comment!